68d973bec378a666722706f43bac4430_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68d973bec378a666722706f43bac4430_JaffaCakes118
Size

1.1MB
MD5

68d973bec378a666722706f43bac4430
SHA1

7a12c731d0c3fe6a849d11113a629ed47362052a
SHA256

1a33b1b36ef50762ac5731dba943b9ff05e675dacac901dbff4666b706f2cee6
SHA512

11d1cf562c0eb6747fbf29450ba7a88bfab8001d324e1d759f4dd6c15c3d288419dbeff48b8a20cb06d818da78194d2eb75ebd196343e8cf28df8b35790aea44
SSDEEP

24576:KlCZaq1iROwOJFazOkbzB4hTRKlTpmTx8+nzCF1LG1:wCZ98OBynXChIlT28+nzGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68d973bec378a666722706f43bac4430_JaffaCakes118

Files

68d973bec378a666722706f43bac4430_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 971KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE